package com.liy.jiagou.config;


import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;

// security.oauth2
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;


// security
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)    // 完整的方法级别的控制 需要这个注解

//@EnableOAuth2Sso       // 开启 Sso 功能
//@Order(101)           // OAuth2SsoDefaultConfiguration 使用了 Order(100)，所以这里设置为 Order(101)，防止相同顺序导致报错
public class SecurityConfig extends WebSecurityConfigurerAdapter {


    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/login").permitAll()
                .antMatchers("/client-login").permitAll()
                .antMatchers("/callback").permitAll()
                .antMatchers("/callback02").permitAll()

                // 设置其它请求，需要认证后访问
                .anyRequest().authenticated();
    }

}
